@blamejs/exceptd-skills 0.13.3 → 0.13.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (71) hide show
  1. package/AGENTS.md +41 -4
  2. package/CHANGELOG.md +64 -0
  3. package/README.md +79 -13
  4. package/bin/exceptd.js +117 -9
  5. package/data/_indexes/_meta.json +44 -44
  6. package/data/_indexes/activity-feed.json +3 -3
  7. package/data/_indexes/catalog-summaries.json +3 -3
  8. package/data/_indexes/chains.json +0 -32
  9. package/data/_indexes/handoff-dag.json +127 -57
  10. package/data/_indexes/section-offsets.json +465 -411
  11. package/data/_indexes/summary-cards.json +34 -34
  12. package/data/_indexes/token-budget.json +298 -268
  13. package/data/cve-catalog.json +4 -146
  14. package/data/exploit-availability.json +0 -27
  15. package/data/framework-control-gaps.json +2 -2
  16. package/data/playbooks/ai-discovered-cve-triage.json +1146 -0
  17. package/data/playbooks/cicd-pipeline-compromise.json +3 -0
  18. package/data/playbooks/cred-stores.json +1 -0
  19. package/data/playbooks/crypto.json +3 -0
  20. package/data/playbooks/framework.json +3 -0
  21. package/data/playbooks/idp-incident.json +2 -1
  22. package/data/playbooks/kernel.json +1 -0
  23. package/data/playbooks/mcp.json +27 -2
  24. package/data/playbooks/post-quantum-migration.json +1268 -0
  25. package/data/playbooks/runtime.json +1 -0
  26. package/data/playbooks/sbom.json +3 -0
  27. package/data/playbooks/supply-chain-recovery.json +1332 -0
  28. package/data/zeroday-lessons.json +0 -89
  29. package/lib/schemas/cve-catalog.schema.json +2 -1
  30. package/lib/schemas/playbook.schema.json +5 -0
  31. package/lib/validate-cve-catalog.js +27 -0
  32. package/manifest.json +80 -80
  33. package/orchestrator/index.js +58 -1
  34. package/package.json +1 -1
  35. package/sbom.cdx.json +99 -66
  36. package/skills/age-gates-child-safety/skill.md +2 -0
  37. package/skills/ai-attack-surface/skill.md +2 -0
  38. package/skills/ai-c2-detection/skill.md +2 -0
  39. package/skills/ai-risk-management/skill.md +2 -0
  40. package/skills/api-security/skill.md +2 -0
  41. package/skills/attack-surface-pentest/skill.md +2 -0
  42. package/skills/cloud-security/skill.md +2 -0
  43. package/skills/compliance-theater/skill.md +28 -2
  44. package/skills/container-runtime-security/skill.md +2 -0
  45. package/skills/coordinated-vuln-disclosure/skill.md +1 -1
  46. package/skills/defensive-countermeasure-mapping/skill.md +2 -0
  47. package/skills/dlp-gap-analysis/skill.md +2 -0
  48. package/skills/exploit-scoring/skill.md +30 -1
  49. package/skills/framework-gap-analysis/skill.md +28 -1
  50. package/skills/fuzz-testing-strategy/skill.md +4 -2
  51. package/skills/global-grc/skill.md +2 -0
  52. package/skills/identity-assurance/skill.md +2 -0
  53. package/skills/kernel-lpe-triage/skill.md +2 -0
  54. package/skills/mcp-agent-trust/skill.md +4 -0
  55. package/skills/mlops-security/skill.md +2 -0
  56. package/skills/ot-ics-security/skill.md +2 -0
  57. package/skills/policy-exception-gen/skill.md +28 -1
  58. package/skills/pqc-first/skill.md +2 -0
  59. package/skills/rag-pipeline-security/skill.md +2 -0
  60. package/skills/researcher/skill.md +2 -0
  61. package/skills/sector-energy/skill.md +2 -0
  62. package/skills/sector-federal-government/skill.md +2 -0
  63. package/skills/sector-financial/skill.md +2 -0
  64. package/skills/sector-healthcare/skill.md +2 -0
  65. package/skills/security-maturity-tiers/skill.md +2 -0
  66. package/skills/skill-update-loop/skill.md +2 -0
  67. package/skills/supply-chain-integrity/skill.md +2 -0
  68. package/skills/threat-model-currency/skill.md +37 -1
  69. package/skills/threat-modeling-methodology/skill.md +2 -0
  70. package/skills/webapp-security/skill.md +2 -0
  71. package/skills/zeroday-gap-learn/skill.md +33 -1
package/data/playbooks/runtime.json CHANGED
@@ -56,6 +56,7 @@
56
56
  }
57
57
  ],
58
58
  "fed_by": [
59
+ "ai-discovered-cve-triage",
59
60
  "cred-stores",
60
61
  "hardening"
61
62
  ]
package/data/playbooks/sbom.json CHANGED
@@ -83,6 +83,7 @@
83
83
  ],
84
84
  "fed_by": [
85
85
  "ai-api",
86
+ "ai-discovered-cve-triage",
86
87
  "cicd-pipeline-compromise",
87
88
  "cloud-iam-incident",
88
89
  "containers",
@@ -92,6 +93,8 @@
92
93
  "kernel",
93
94
  "library-author",
94
95
  "mcp",
96
+ "post-quantum-migration",
97
+ "supply-chain-recovery",
95
98
  "webhook-callback-abuse"
96
99
  ]
97
100
  },